jotraverso/sessionStorage-encryptedToken.cls

## sessionStorage-encryptedToken.cls
//APEX Code
	@AuraEnabled(cacheable = false)
	public static String decryptToken(String encryptedToken) {
		Blob key = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
		Blob data = EncodingUtil.base64Decode(encryptedToken);
		Blob decrypted = Crypto.decryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, key, data);
		String token = decrypted.toString();
		return token;
	}

	@AuraEnabled(cacheable = false)
	public static String encryptToken(String plainToken) {
		Blob key = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
		Blob data = Blob.valueOf(plainToken);
		Blob crypted = Crypto.encryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, key, data);
		String token = EncodingUtil.base64Encode(crypted);
		return token;
	}

## sessionStorage-encryptedToken.js
/**
 * getSessionAccessToken. Recover an encrypted session stored token and invoke Apex for decryption
 * encryptToken. Take the plain token, invoke Apex for encryption and store encrypted value in sessionStor
 */
const getSessionAccessToken = function() {
	return new Promise(function(resolve, reject) {
		var token = window.sessionStorage.getItem(SESSION_TOKEN_KEY);
		if (token !== undefined && token !== null) {
			decryptToken({
				encryptedToken: token
			})
				.then(accessToken => resolve(accessToken))
				.catch(error => reject(error));
		} else {
			reject(new Error("No cached token found"));
		}
	});
};

encryptToken({
	plainToken: payload.access_token__c
}).then(encrypted => {
	window.sessionStorage.setItem(SESSION_TOKEN_KEY, encrypted);
});
	//APEX Code
	@AuraEnabled(cacheable = false)
	public static String decryptToken(String encryptedToken) {
	Blob key = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
	Blob data = EncodingUtil.base64Decode(encryptedToken);
	Blob decrypted = Crypto.decryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, key, data);
	String token = decrypted.toString();
	return token;
	}

	@AuraEnabled(cacheable = false)
	public static String encryptToken(String plainToken) {
	Blob key = EncodingUtil.base64Decode(MY_CUSTOM_SETTING_INSTANCE.Secure_Secret__c);
	Blob data = Blob.valueOf(plainToken);
	Blob crypted = Crypto.encryptWithManagedIV(MY_CUSTOM_SETTING_INSTANCE.Algorithm__c, key, data);
	String token = EncodingUtil.base64Encode(crypted);
	return token;
	}
	/**
	* getSessionAccessToken. Recover an encrypted session stored token and invoke Apex for decryption
	* encryptToken. Take the plain token, invoke Apex for encryption and store encrypted value in sessionStor
	*/
	const getSessionAccessToken = function() {
	return new Promise(function(resolve, reject) {
	var token = window.sessionStorage.getItem(SESSION_TOKEN_KEY);
	if (token !== undefined && token !== null) {
	decryptToken({
	encryptedToken: token
	})
	.then(accessToken => resolve(accessToken))
	.catch(error => reject(error));
	} else {
	reject(new Error("No cached token found"));
	}
	});
	};

	encryptToken({
	plainToken: payload.access_token__c
	}).then(encrypted => {
	window.sessionStorage.setItem(SESSION_TOKEN_KEY, encrypted);
	});